Working with SAML |
Option | Description |
---|---|
Name | Give this configuration a name. |
Publicly Visible | Determine whether Faspex allows users to choose this IdP as an option from the
local login page. If selected, Faspex displays this IdP as a login option. If not
selected, Faspex does not display this IdP and users must access the IdP using a domain
URL. Note: If the admin does not specify a SAML configurations as the default, Faspex
automatically redirects users to the local login page. For more information on bypassing
the SAML redirect, see Bypassing the SAML Redirect.
|
Public Login Instructions | This option becomes available when Publicly Visible is selected. Enter a description of the IdP and specify instructions for logging into the IdP. |
Restrict access to known groups | Prevent SAML users that are not members of existing Faspex SAML groups from logging
into this IdP. If a user is a member of multiple groups, the user can log in as long as
one of those groups exists in Faspex. Note: If this feature is enabled, Faspex does not
create new groups for users that are a member of multiple SAML groups. For more
information about automatically creating new groups, see User Accounts Provisioned by Just-In-Time (JIT) Provisioning. For
more information about SAML groups, see Creating SAML Groups.
|
Default SAML Configuration | Determine if accessing the Faspex URL redirects users to this IdP or to the local
Faspex login page. If selected, accessing the Faspex URL directs them to this IdP. If not
selected, users arrive at the local login page instead. Note: Setting a default SAML
configuration does not affect the workflow for client applications such as IBM Aspera
Drive or the IBM Aspera Add-in for Microsoft Outlook. Even if a configuration is set
as default, the client application still presents all public SAML
configurations.
|
Domain URL | Enter an alternate Faspex domain URL that directs users to this IdP when they
access it. This URL overrides the default URL. Tip: You do not need to enter a
full URL. For example, you can use idp.faspex.com instead of
https://idp.faspex.com.
Domain URLs require further
configuration. For more information, see Configuring a Domain URL for SAML. |